Re: hardware firewall

From: Stephen (triple_des_at_hotmail.com)
Date: 01/06/04

• Next message: Stephen: "Re: hardware firewall"
• Previous message: Bit Twister: "Re: sick of Linux bias"
• In reply to:(deleted message) Leythos: "Re: hardware firewall"
• Next in thread: Leythos: "Re: hardware firewall"
• Reply:(deleted message) Leythos: "Re: hardware firewall"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Mon, 5 Jan 2004 22:27:13 -0800

"Leythos" <void@nowhere.com> wrote in message
news:MPG.1a63a76e1619da1298a039@news-server.columbus.rr.com...
> In article <HOkKb.3342$HR.7602@news.indigo.ie>, triple_des@hotmail.com
> says...
> > I think IPSec Filters are a better option, you just have more control.
> >
> > ""Crash" Dummy" <dvader@deathstar.mil> wrote in message
> > news:vviro7ag8uko66@corp.supernews.com...
> > > >Most Web Server software (including MS IIS) has an ALLOW / BLOCK list
> > > >already built into them - just add the IP in the site configuration.
> > >
> > > Where is the Allow/Block list in IIS? I use firewall rules to allow a
few
> > > specific users to access my IIS. (I just have the "lite" version that
> > comes with
> > > W2K Pro.) The only way I see to restrict access in IIS is with
> > > username/password, not by IP.
>
> How about showing us how one would configure IPSec filters for a IIS box
> that appears to still have to let the user work with it on the existing
> network? (please bottom post)
>
> --
> --
> spamfree999@rrohio.com
> (Remove 999 to reply to me)

Hi Leythos

You simple need to include rules for the local subnet or what ever subnet
that allow tcp 135,139,445 and UDP 135,137,138,445 there may alos be
additional port but that is the common port for Microsoft Networking. Oh
and of course TCP 80 for local web access. BUT BUT BUT. if this is a web
server it shouldn't have MS networking and should be hardening and in a DMZ,
hence should only be fulfilling web needs. After all we don't want to be
putting are Internal Network on the Internet (dont mean to sound sarcastic)

Hope this is the reponse you where looking for

Regards

Stephen

---

• Next message: Stephen: "Re: hardware firewall"
• Previous message: Bit Twister: "Re: sick of Linux bias"
• In reply to:(deleted message) Leythos: "Re: hardware firewall"
• Next in thread: Leythos: "Re: hardware firewall"
• Reply:(deleted message) Leythos: "Re: hardware firewall"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages RE: Unable to allow Internet Access from ISA Server Machine ... So no matter what I do the the Local Host network, ... going to look at the Internal Network for the settings. ... Configuring ISA Server with a Single Network Adapter ... (microsoft.public.isaserver) Re: Site to Site Access on ISA Server ... I added the melbourne range to the internal Network and added that static ... and I am now able to Ping the vpn device in the melbourne office.. ... The internal network object definition on ISA is currently 192.168.1.0 to ... (microsoft.public.isa) Re: New subnet with two NICs ... We do use a layer 3 switch and the routing is being handled with RIP ver2. ... what needs to be done on the ISA is to: ... current Internal network list. ... Internal Network Definition. ... (microsoft.public.isa.configuration) Re: New subnet with two NICs ... On both subnets, each device is configured to use this layer 3 ... what needs to be done on the ISA is to: ... current Internal network list. ... Internal Network Definition. ... (microsoft.public.isa.configuration) Re: Controlling server security -- to domain or not to domain? ... > very least you have a bunch of servers physically on the network that each ... that is not connected to the internal network. ... connecting the DMZ to the internal network and making the server a domain ... (microsoft.public.security)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(10)